Posts
Cloud Security
Java Exploits: Offense and Defense
Summary
Matthew J. Harmons (ISC)2 Twin Cities Chapter presentation Java Exploits: Offense and Defense, delivered on October 24, 2012, examines the pervasive risk of client-side Java vulnerabilities and outlines why these flaws represent a critical attack vector for organizations. Harmon, drawing on his two decades of security experience, highlights how the Java sandbox can be bypassed via reflection and code injectiondemonstrated by high-impact exploits documented by researchers like Joshua Drake and Adam Gowdiakand underscores the urgency of addressing these pervasive weaknesses.
Security on a Shoestring Budget
Summary
The Minnesota Council for Non Profits presentation Security on a Shoestring Budget by Matthew J. Harmon and Natascha E. Shawver delivers practical guidance for nonprofit organizations to improve their security posture without large investments. It frames security as a mission enabler rather than a cost center and stresses that common-sense controls can dramatically reduce risk.
Why Take the Risk? Doing Risk Assessments Right
Summary
The SANS presentation Why Take the Risk? Doing Risk Assessments Right by Matthew J. Harmon, delivered at the 30th Annual Minnesota Government IT Symposium on December 7, 2011, lays out a structured approach for organizations to identify, analyze, and manage IT risks. Harmon draws on industry standards and real-world examples to show how a disciplined risk assessment process can both prevent loss and add strategic value.